<!DOCTYPE html>



  


<html class="theme-next gemini use-motion" lang="zh-Hans">
<head>
  <meta charset="UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"/>
<meta name="theme-color" content="#222">









<meta http-equiv="Cache-Control" content="no-transform" />
<meta http-equiv="Cache-Control" content="no-siteapp" />
















  
  
  <link href="/lib/fancybox/source/jquery.fancybox.css?v=2.1.5" rel="stylesheet" type="text/css" />







<link href="/lib/font-awesome/css/font-awesome.min.css?v=4.6.2" rel="stylesheet" type="text/css" />

<link href="/css/main.css?v=5.1.3" rel="stylesheet" type="text/css" />


  <link rel="apple-touch-icon" sizes="180x180" href="/images/apple-touch-icon-next.png?v=5.1.3">


  <link rel="icon" type="image/png" sizes="32x32" href="/images/favicon-32x32-next.png?v=5.1.3">


  <link rel="icon" type="image/png" sizes="16x16" href="/images/favicon-16x16-next.png?v=5.1.3">


  <link rel="mask-icon" href="/images/logo.svg?v=5.1.3" color="#222">





  <meta name="keywords" content="vsftp," />










<meta name="description" content="安装安装Vsftpd服务相关部件：[root@KcentOS5 ~]# yum install vsftpd* 确认安装PAM服务相关部件：[root@KcentOS5 ~]# yum install pam* 开发包，其实不装也没有关系，主要的目的是确认PAM。 1安装DB4部件包：这里要特别安装一个db4的包，用来">
<meta name="keywords" content="vsftp">
<meta property="og:type" content="article">
<meta property="og:title" content="VSftp配置及虚拟用户创建">
<meta property="og:url" content="http://yoursite.com/2019/05/20/vsftp配置及虚拟用户创建.md/index.html">
<meta property="og:site_name" content="就这样">
<meta property="og:description" content="安装安装Vsftpd服务相关部件：[root@KcentOS5 ~]# yum install vsftpd* 确认安装PAM服务相关部件：[root@KcentOS5 ~]# yum install pam* 开发包，其实不装也没有关系，主要的目的是确认PAM。 1安装DB4部件包：这里要特别安装一个db4的包，用来支持文件数据库。[root@KcentOS5 ~]# yum install d">
<meta property="og:locale" content="zh-Hans">
<meta property="og:updated_time" content="2019-06-11T13:22:50.000Z">
<meta name="twitter:card" content="summary">
<meta name="twitter:title" content="VSftp配置及虚拟用户创建">
<meta name="twitter:description" content="安装安装Vsftpd服务相关部件：[root@KcentOS5 ~]# yum install vsftpd* 确认安装PAM服务相关部件：[root@KcentOS5 ~]# yum install pam* 开发包，其实不装也没有关系，主要的目的是确认PAM。 1安装DB4部件包：这里要特别安装一个db4的包，用来支持文件数据库。[root@KcentOS5 ~]# yum install d">



<script type="text/javascript" id="hexo.configurations">
  var NexT = window.NexT || {};
  var CONFIG = {
    root: '/',
    scheme: 'Gemini',
    version: '5.1.3',
    sidebar: {"position":"left","display":"post","offset":12,"b2t":true,"scrollpercent":true,"onmobile":false},
    fancybox: true,
    tabs: true,
    motion: {"enable":true,"async":false,"transition":{"post_block":"fadeIn","post_header":"slideDownIn","post_body":"slideDownIn","coll_header":"slideLeftIn","sidebar":"slideUpIn"}},
    duoshuo: {
      userId: '0',
      author: '博主'
    },
    algolia: {
      applicationID: '',
      apiKey: '',
      indexName: '',
      hits: {"per_page":10},
      labels: {"input_placeholder":"Search for Posts","hits_empty":"We didn't find any results for the search: ${query}","hits_stats":"${hits} results found in ${time} ms"}
    }
  };
</script>



  <link rel="canonical" href="http://yoursite.com/2019/05/20/vsftp配置及虚拟用户创建.md/"/>





  <title>VSftp配置及虚拟用户创建 | 就这样</title>
  





  <script type="text/javascript">
    var _hmt = _hmt || [];
    (function() {
      var hm = document.createElement("script");
      hm.src = "https://hm.baidu.com/hm.js?cd728e866fd84c864ea2c8eb561ffbdf";
      var s = document.getElementsByTagName("script")[0];
      s.parentNode.insertBefore(hm, s);
    })();
  </script>




</head>

<body itemscope itemtype="http://schema.org/WebPage" lang="zh-Hans">

  
  
    
  

  <div class="container sidebar-position-left page-post-detail">
    <div class="headband">
      <a href="http://193.112.91.89:8080" class="github-corner" aria-label="View source on GitHub"><svg width="80" height="80" viewBox="0 0 250 250" style="fill:#FD6C6C; color:#fff; position: absolute; top: 0; border: 0; right: 0;" aria-hidden="true"><path d="M0,0 L115,115 L130,115 L142,142 L250,250 L250,0 Z"></path><path d="M128.3,109.0 C113.8,99.7 119.0,89.6 119.0,89.6 C122.0,82.7 120.5,78.6 120.5,78.6 C119.2,72.0 123.4,76.3 123.4,76.3 C127.3,80.9 125.5,87.3 125.5,87.3 C122.9,97.6 130.6,101.9 134.4,103.2" fill="currentColor" style="transform-origin: 130px 106px;" class="octo-arm"></path><path d="M115.0,115.0 C114.9,115.1 118.7,116.5 119.8,115.4 L133.7,101.6 C136.9,99.2 139.9,98.4 142.2,98.6 C133.8,88.0 127.5,74.4 143.8,58.0 C148.5,53.4 154.0,51.2 159.7,51.0 C160.3,49.4 163.2,43.6 171.4,40.1 C171.4,40.1 176.1,42.5 178.8,56.2 C183.1,58.6 187.2,61.8 190.9,65.4 C194.5,69.0 197.7,73.2 200.1,77.6 C213.8,80.2 216.3,84.9 216.3,84.9 C212.7,93.1 206.9,96.0 205.4,96.6 C205.1,102.4 203.0,107.8 198.3,112.5 C181.9,128.9 168.3,122.5 157.7,114.1 C157.9,116.9 156.7,120.9 152.7,124.9 L141.0,136.5 C139.8,137.7 141.6,141.9 141.8,141.8 Z" fill="currentColor" class="octo-body"></path></svg></a><style>.github-corner:hover .octo-arm{animation:octocat-wave 560ms ease-in-out}@keyframes octocat-wave{0%,100%{transform:rotate(0)}20%,60%{transform:rotate(-25deg)}40%,80%{transform:rotate(10deg)}}@media (max-width:500px){.github-corner:hover .octo-arm{animation:none}.github-corner .octo-arm{animation:octocat-wave 560ms ease-in-out}}</style>
    </div>

    <header id="header" class="header" itemscope itemtype="http://schema.org/WPHeader">
      <div class="header-inner"><div class="site-brand-wrapper">
  <div class="site-meta ">
    

    <div class="custom-logo-site-title">
      <a href="/"  class="brand" rel="start">
        <span class="logo-line-before"><i></i></span>
        <span class="site-title">就这样</span>
        <span class="logo-line-after"><i></i></span>
      </a>
    </div>
      
        <p class="site-subtitle">淋雨一直走</p>
      
  </div>

  <div class="site-nav-toggle">
    <button>
      <span class="btn-bar"></span>
      <span class="btn-bar"></span>
      <span class="btn-bar"></span>
    </button>
  </div>
</div>

<nav class="site-nav">
  

  
    <ul id="menu" class="menu">
      
        
        <li class="menu-item menu-item-home">
          <a href="/" rel="section">
            
              <i class="menu-item-icon fa fa-fw fa-home"></i> <br />
            
            首页
          </a>
        </li>
      
        
        <li class="menu-item menu-item-categories">
          <a href="/categories/" rel="section">
            
              <i class="menu-item-icon fa fa-fw fa-th"></i> <br />
            
            分类
          </a>
        </li>
      
        
        <li class="menu-item menu-item-tags">
          <a href="/tags/" rel="section">
            
              <i class="menu-item-icon fa fa-fw fa-tags"></i> <br />
            
            标签
          </a>
        </li>
      
        
        <li class="menu-item menu-item-archives">
          <a href="/archives/" rel="section">
            
              <i class="menu-item-icon fa fa-fw fa-archive"></i> <br />
            
            归档
          </a>
        </li>
      
        
        <li class="menu-item menu-item-about">
          <a href="/about/" rel="section">
            
              <i class="menu-item-icon fa fa-fw fa-user"></i> <br />
            
            关于
          </a>
        </li>
      

      
        <li class="menu-item menu-item-search">
          
            <a href="javascript:;" class="popup-trigger">
          
            
              <i class="menu-item-icon fa fa-search fa-fw"></i> <br />
            
            搜索
          </a>
        </li>
      
    </ul>
  

  
    <div class="site-search">
      
  <div class="popup search-popup local-search-popup">
  <div class="local-search-header clearfix">
    <span class="search-icon">
      <i class="fa fa-search"></i>
    </span>
    <span class="popup-btn-close">
      <i class="fa fa-times-circle"></i>
    </span>
    <div class="local-search-input-wrapper">
      <input autocomplete="off"
             placeholder="搜索..." spellcheck="false"
             type="text" id="local-search-input">
    </div>
  </div>
  <div id="local-search-result"></div>
</div>



    </div>
  
</nav>



 </div>
    </header>

    <main id="main" class="main">
      <div class="main-inner">
        <div class="content-wrap">
          <div id="content" class="content">
            

  <div id="posts" class="posts-expand">
    

  

  
  
  

  <article class="post post-type-normal" itemscope itemtype="http://schema.org/Article">
  
  
  
  <div class="post-block">
    <link itemprop="mainEntityOfPage" href="http://yoursite.com/2019/05/20/vsftp配置及虚拟用户创建.md/">

    <span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
      <meta itemprop="name" content="已经被时间上锁">
      <meta itemprop="description" content="">
      <meta itemprop="image" content="/images/avatar.png">
    </span>

    <span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
      <meta itemprop="name" content="就这样">
    </span>

    
      <header class="post-header">

        
        
          <h1 class="post-title" itemprop="name headline">VSftp配置及虚拟用户创建</h1>
        

        <div class="post-meta">
          <span class="post-time">
            
              <span class="post-meta-item-icon">
                <i class="fa fa-calendar-o"></i>
              </span>
              
                <span class="post-meta-item-text">发表于</span>
              
              <time title="创建于" itemprop="dateCreated datePublished" datetime="2019-05-20T00:00:00+08:00">
                2019-05-20
              </time>
            

            

            
          </span>

          
            <span class="post-category" >
            
              <span class="post-meta-divider">|</span>
            
              <span class="post-meta-item-icon">
                <i class="fa fa-folder-o"></i>
              </span>
              
                <span class="post-meta-item-text">分类于</span>
              
              
                <span itemprop="about" itemscope itemtype="http://schema.org/Thing">
                  <a href="/categories/Linux/" itemprop="url" rel="index">
                    <span itemprop="name">Linux</span>
                  </a>
                </span>

                
                
              
            </span>
          

          
            
              <span class="post-comments-count">
                <span class="post-meta-divider">|</span>
                <span class="post-meta-item-icon">
                  <i class="fa fa-comment-o"></i>
                </span>
                <a href="/2019/05/20/vsftp配置及虚拟用户创建.md/#comments" itemprop="discussionUrl">
                  <span class="post-comments-count valine-comment-count" data-xid="/2019/05/20/vsftp配置及虚拟用户创建.md/" itemprop="commentCount"></span>
                </a>
              </span>
            
          

          
          

          

          
            <div class="post-wordcount">
              
                
                <span class="post-meta-item-icon">
                  <i class="fa fa-file-word-o"></i>
                </span>
                
                  <span class="post-meta-item-text">字数统计&#58;</span>
                
                <span title="字数统计">
                  4,396
                </span>
              

              
                <span class="post-meta-divider">|</span>
              

              
                <span class="post-meta-item-icon">
                  <i class="fa fa-clock-o"></i>
                </span>
                
                  <span class="post-meta-item-text">阅读时长 &asymp;</span>
                
                <span title="阅读时长">
                  20
                </span>
              
            </div>
          

          

        </div>
      </header>
    

    
    
    
    <div class="post-body" itemprop="articleBody">

      
      

      
        <h4 id="安装"><a href="#安装" class="headerlink" title="安装"></a>安装</h4><h5 id="安装Vsftpd服务相关部件："><a href="#安装Vsftpd服务相关部件：" class="headerlink" title="安装Vsftpd服务相关部件："></a>安装Vsftpd服务相关部件：</h5><p>[root@KcentOS5 ~]# yum install vsftpd*</p>
<h5 id="确认安装PAM服务相关部件："><a href="#确认安装PAM服务相关部件：" class="headerlink" title="确认安装PAM服务相关部件："></a>确认安装PAM服务相关部件：</h5><p>[root@KcentOS5 ~]# yum install pam*</p>
<p>开发包，其实不装也没有关系，主要的目的是确认PAM。</p>
<h5 id="1安装DB4部件包："><a href="#1安装DB4部件包：" class="headerlink" title="1安装DB4部件包："></a>1安装DB4部件包：</h5><p>这里要特别安装一个db4的包，用来支持文件数据库。<br>[root@KcentOS5 ~]# yum install db4*</p>
<h4 id="系统帐户"><a href="#系统帐户" class="headerlink" title="系统帐户"></a>系统帐户</h4><h5 id="建立Vsftpd服务的宿主用户："><a href="#建立Vsftpd服务的宿主用户：" class="headerlink" title="建立Vsftpd服务的宿主用户："></a>建立Vsftpd服务的宿主用户：</h5><p>[root@KcentOS5 ~]# useradd vsftpd -s /sbin/nologin<br>默认的Vsftpd的服务宿主用户是root，但是这不符合安全性的需要。这里建立名字为vsftpd的用户，用他来作为支持Vsftpd的服务宿主用户。由于该用户仅用来支持Vsftpd服务用，因此没有许可他登陆系统的必要，并设定他为不能登陆系统的用户。</p>
<h5 id="建立Vsftpd虚拟宿主用户："><a href="#建立Vsftpd虚拟宿主用户：" class="headerlink" title="建立Vsftpd虚拟宿主用户："></a>建立Vsftpd虚拟宿主用户：</h5><p>`# useradd overlord -s /sbin/nologin</p>
<p>本篇主要是介绍Vsftp的虚拟用户，虚拟用户并不是系统用户，也就是说这些FTP的用户在系统中是不存在的。他们的总体权限其实是集中寄托在一个在系统中的某一个用户身上的，所谓Vsftpd的虚拟宿主用户，就是这样一个支持着所有虚拟用户的宿主用户。由于他支撑了FTP的所有虚拟的用户，那么他本身的权限将会影响着这些虚拟的用户，因此，处于安全性的考虑，也要非分注意对该用户的权限的控制，该用户也绝对没有登陆系统的必要，这里也设定他为不能登陆系统的用户。（这里插一句：原本在建立上面两个用户的时候，想连用户主路径也不打算给的。本来想加上 -d /home/nowhere 的，据man useradd手册上讲述：“       -d, –home HOME_DIR<br>The new user will be created using HOME_DIR as the value for the<br>user鈙 login directory. The default is to append the LOGIN name to<br>BASE_DIR and use that as the login directory name. The directory<br>HOME_DIR does not have to exist but will not be created if it is<br>missing.<br>使用-d参数指定用户的主目录，用户主目录并不是必须存在的。如果没有存在指定的目录的话，那么它将不会被建立”。</p>
<h4 id="调整Vsftpd的配置文件："><a href="#调整Vsftpd的配置文件：" class="headerlink" title="调整Vsftpd的配置文件："></a>调整Vsftpd的配置文件：</h4><h5 id="编辑配置文件前先备份"><a href="#编辑配置文件前先备份" class="headerlink" title="编辑配置文件前先备份"></a>编辑配置文件前先备份</h5><p>[root@KcentOS5 ~]# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.backup2.编辑主配置文件Vsftpd.conf<br>[root@KcentOS5 ~]# vi /etc/vsftpd/vsftpd.conf<br>这里我将原配置文件的修改完全记录，凡是修改的地方我都会保留注释原来的配置。其中加入我对每条配置项的认识，对于一些比较关键的配置项这里我做了我的观点，并且原本英语的说明我也不删除，供参考对比用。<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br><span class="line">49</span><br><span class="line">50</span><br><span class="line">51</span><br><span class="line">52</span><br><span class="line">53</span><br><span class="line">54</span><br><span class="line">55</span><br><span class="line">56</span><br><span class="line">57</span><br><span class="line">58</span><br><span class="line">59</span><br><span class="line">60</span><br><span class="line">61</span><br><span class="line">62</span><br><span class="line">63</span><br><span class="line">64</span><br><span class="line">65</span><br><span class="line">66</span><br><span class="line">67</span><br><span class="line">68</span><br><span class="line">69</span><br><span class="line">70</span><br><span class="line">71</span><br><span class="line">72</span><br><span class="line">73</span><br><span class="line">74</span><br><span class="line">75</span><br><span class="line">76</span><br><span class="line">77</span><br><span class="line">78</span><br><span class="line">79</span><br><span class="line">80</span><br><span class="line">81</span><br><span class="line">82</span><br><span class="line">83</span><br><span class="line">84</span><br><span class="line">85</span><br><span class="line">86</span><br><span class="line">87</span><br><span class="line">88</span><br><span class="line">89</span><br><span class="line">90</span><br><span class="line">91</span><br><span class="line">92</span><br><span class="line">93</span><br><span class="line">94</span><br><span class="line">95</span><br><span class="line">96</span><br><span class="line">97</span><br><span class="line">98</span><br><span class="line">99</span><br><span class="line">100</span><br><span class="line">101</span><br><span class="line">102</span><br><span class="line">103</span><br><span class="line">104</span><br><span class="line">105</span><br><span class="line">106</span><br><span class="line">107</span><br><span class="line">108</span><br><span class="line">109</span><br><span class="line">110</span><br><span class="line">111</span><br><span class="line">112</span><br><span class="line">113</span><br><span class="line">114</span><br><span class="line">115</span><br><span class="line">116</span><br><span class="line">117</span><br><span class="line">118</span><br><span class="line">119</span><br><span class="line">120</span><br><span class="line">121</span><br><span class="line">122</span><br><span class="line">123</span><br><span class="line">124</span><br><span class="line">125</span><br><span class="line">126</span><br><span class="line">127</span><br><span class="line">128</span><br><span class="line">129</span><br><span class="line">130</span><br><span class="line">131</span><br><span class="line">132</span><br><span class="line">133</span><br><span class="line">134</span><br><span class="line">135</span><br><span class="line">136</span><br><span class="line">137</span><br><span class="line">138</span><br><span class="line">139</span><br><span class="line">140</span><br><span class="line">141</span><br><span class="line">142</span><br></pre></td><td class="code"><pre><span class="line"># Allow anonymous FTP? (Beware - allowed by default if you comment this out).</span><br><span class="line">#anonymous_enable=YES</span><br><span class="line">anonymous_enable=NO</span><br><span class="line">设定不允许匿名访问</span><br><span class="line">#</span><br><span class="line"># Uncomment this to allow local users to log in.</span><br><span class="line">local_enable=YES</span><br><span class="line">设定本地用户可以访问。注意：主要是为虚拟宿主用户，如果该项目设定为NO那么所有虚拟用户将无法访问。</span><br><span class="line">#</span><br><span class="line"># Uncomment this to enable any form of FTP write command.</span><br><span class="line">write_enable=YES</span><br><span class="line">设定可以进行写操作。</span><br><span class="line">#</span><br><span class="line"># Default umask for local users is 077\. You may wish to change this to 022,</span><br><span class="line"># if your users expect that (022 is used by most other ftpd&apos;s)</span><br><span class="line">local_umask=022</span><br><span class="line">设定上传后文件的权限掩码。</span><br><span class="line">#</span><br><span class="line"># Uncomment this to allow the anonymous FTP user to upload files. This only</span><br><span class="line"># has an effect if the above global write enable is activated. Also, you will</span><br><span class="line"># obviously need to create a directory writable by the FTP user.</span><br><span class="line">#anon_upload_enable=YES</span><br><span class="line">anon_upload_enable=NO</span><br><span class="line">禁止匿名用户上传。</span><br><span class="line">#</span><br><span class="line"># Uncomment this if you want the anonymous FTP user to be able to create</span><br><span class="line"># new directories.</span><br><span class="line">#anon_mkdir_write_enable=YES</span><br><span class="line">anon_mkdir_write_enable=NO</span><br><span class="line">禁止匿名用户建立目录。</span><br><span class="line">#</span><br><span class="line"># Activate directory messages - messages given to remote users when they</span><br><span class="line"># go into a certain directory.</span><br><span class="line">dirmessage_enable=YES</span><br><span class="line">设定开启目录标语功能。</span><br><span class="line">#</span><br><span class="line"># Activate logging of uploads/downloads.</span><br><span class="line">xferlog_enable=YES</span><br><span class="line">设定开启日志记录功能。</span><br><span class="line">#</span><br><span class="line"># Make sure PORT transfer connections originate from port 20 (ftp-data).</span><br><span class="line">connect_from_port_20=YES</span><br><span class="line">设定端口20进行数据连接。</span><br><span class="line">#</span><br><span class="line"># If you want, you can arrange for uploaded anonymous files to be owned by</span><br><span class="line"># a different user. Note! Using &quot;root&quot; for uploaded files is not</span><br><span class="line"># recommended!</span><br><span class="line">#chown_uploads=YES</span><br><span class="line">chown_uploads=NO</span><br><span class="line">设定禁止上传文件更改宿主。</span><br><span class="line">#chown_username=whoever</span><br><span class="line">#</span><br><span class="line"># You may override where the log file goes if you like. The default is shown</span><br><span class="line"># below.</span><br><span class="line">xferlog_file=/var/log/vsftpd.log</span><br><span class="line">设定Vsftpd的服务日志保存路径。注意，该文件默认不存在。必须要手动touch出来，并且由于这里更改了Vsftpd的服务宿主用户为手动建立的Vsftpd。必须注意给与该用户对日志的写入权限，否则服务将启动失败。</span><br><span class="line">#</span><br><span class="line"># If you want, you can have your log file in standard ftpd xferlog format</span><br><span class="line">xferlog_std_format=YES</span><br><span class="line">设定日志使用标准的记录格式。</span><br><span class="line">#</span><br><span class="line"># You may change the default value for timing out an idle session.</span><br><span class="line">#idle_session_timeout=600</span><br><span class="line">设定空闲连接超时时间，这里使用默认。将具体数值留给每个具体用户具体指定，当然如果不指定的话，还是使用这里的默认值600，单位秒。</span><br><span class="line">#</span><br><span class="line"># You may change the default value for timing out a data connection.</span><br><span class="line">#data_connection_timeout=120</span><br><span class="line">设定单次最大连续传输时间，这里使用默认。将具体数值留给每个具体用户具体指定，当然如果不指定的话，还是使用这里的默认值120，单位秒。</span><br><span class="line">#</span><br><span class="line"># It is recommended that you define on your system a unique user which the</span><br><span class="line"># ftp server can use as a totally isolated and unprivileged user.</span><br><span class="line">#nopriv_user=ftpsecure</span><br><span class="line">nopriv_user=vsftpd</span><br><span class="line">设定支撑Vsftpd服务的宿主用户为手动建立的Vsftpd用户。注意，一旦做出更改宿主用户后，必须注意一起与该服务相关的读写文件的读写赋权问题。比如日志文件就必须给与该用户写入权限等。</span><br><span class="line">#</span><br><span class="line"># Enable this and the server will recognise asynchronous ABOR requests. Not</span><br><span class="line"># recommended for security (the code is non-trivial). Not enabling it,</span><br><span class="line"># however, may confuse older FTP clients.</span><br><span class="line">async_abor_enable=YES</span><br><span class="line">设定支持异步传输功能。</span><br><span class="line">#</span><br><span class="line"># By default the server will pretend to allow ASCII mode but in fact ignore</span><br><span class="line"># the request. Turn on the below options to have the server actually do ASCII</span><br><span class="line"># mangling on files when in ASCII mode.</span><br><span class="line"># Beware that on some FTP servers, ASCII support allows a denial of service</span><br><span class="line"># attack (DoS) via the command &quot;SIZE /big/file&quot; in ASCII mode. vsftpd</span><br><span class="line"># predicted this attack and has always been safe, reporting the size of the</span><br><span class="line"># raw file.</span><br><span class="line"># ASCII mangling is a horrible feature of the protocol.</span><br><span class="line">ascii_upload_enable=YES</span><br><span class="line">ascii_download_enable=YES</span><br><span class="line">设定支持ASCII模式的上传和下载功能。</span><br><span class="line">#</span><br><span class="line"># You may fully customise the login banner string:</span><br><span class="line">ftpd_banner=This Vsftp server supports virtual users ^_^</span><br><span class="line">设定Vsftpd的登陆标语。</span><br><span class="line">#</span><br><span class="line"># You may specify a file of disallowed anonymous e-mail addresses. Apparently</span><br><span class="line"># useful for combatting certain DoS attacks.</span><br><span class="line">#deny_email_enable=YES</span><br><span class="line"># (default follows)</span><br><span class="line">#banned_email_file=/etc/vsftpd/banned_emails</span><br><span class="line">#</span><br><span class="line"># You may specify an explicit list of local users to chroot() to their home</span><br><span class="line"># directory. If chroot_local_user is YES, then this list becomes a list of</span><br><span class="line"># users to NOT chroot().</span><br><span class="line">#chroot_list_enable=YES</span><br><span class="line">chroot_list_enable=NO</span><br><span class="line">禁止用户登出自己的FTP主目录。</span><br><span class="line"># (default follows)</span><br><span class="line">#chroot_list_file=/etc/vsftpd/chroot_list</span><br><span class="line">#</span><br><span class="line"># You may activate the &quot;-R&quot; option to the builtin ls. This is disabled by</span><br><span class="line"># default to avoid remote users being able to cause excessive I/O on large</span><br><span class="line"># sites. However, some broken FTP clients such as &quot;ncftp&quot; and &quot;mirror&quot; assume</span><br><span class="line"># the presence of the &quot;-R&quot; option, so there is a strong case for enabling it.</span><br><span class="line">#ls_recurse_enable=YES</span><br><span class="line">ls_recurse_enable=NO</span><br><span class="line">禁止用户登陆FTP后使用&quot;ls -R&quot;的命令。该命令会对服务器性能造成巨大开销。如果该项被允许，那么挡多用户同时使用该命令时将会对该服务器造成威胁。</span><br><span class="line"># When &quot;listen&quot; directive is enabled, vsftpd runs in standalone mode and</span><br><span class="line"># listens on IPv4 sockets. This directive cannot be used in conjunction</span><br><span class="line"># with the listen_ipv6 directive.</span><br><span class="line">listen=YES</span><br><span class="line">设定该Vsftpd服务工作在StandAlone模式下。顺便展开说明一下，所谓StandAlone模式就是该服务拥有自己的守护进程支持，在ps -A命令下我们将可用看到vsftpd的守护进程名。如果不想工作在StandAlone模式下，则可以选择SuperDaemon模式，在该模式下 vsftpd将没有自己的守护进程，而是由超级守护进程Xinetd全权代理，与此同时，Vsftp服务的许多功能将得不到实现。</span><br><span class="line">#</span><br><span class="line"># This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6</span><br><span class="line"># sockets, you must run two copies of vsftpd whith two configuration files.</span><br><span class="line"># Make sure, that one of the listen options is commented !!</span><br><span class="line">#listen_ipv6=YESpam_service_name=vsftpd</span><br><span class="line">设定PAM服务下Vsftpd的验证配置文件名。因此，PAM验证将参考/etc/pam.d/下的vsftpd文件配置。</span><br><span class="line">userlist_enable=YES</span><br><span class="line">设定userlist_file中的用户将不得使用FTP。</span><br><span class="line">tcp_wrappers=YES</span><br><span class="line">设定支持TCP Wrappers。#KC: The following entries are added for supporting virtual ftp users.</span><br><span class="line">以下这些是关于Vsftpd虚拟用户支持的重要配置项目。默认Vsftpd.conf中不包含这些设定项目，需要自己手动添加配置。guest_enable=YES</span><br><span class="line">设定启用虚拟用户功能。</span><br><span class="line">guest_username=overlord</span><br><span class="line">指定虚拟用户的宿主用户。</span><br><span class="line">virtual_use_local_privs=YES</span><br><span class="line">设定虚拟用户的权限符合他们的宿主用户。</span><br><span class="line">user_config_dir=/etc/vsftpd/vconf</span><br><span class="line">设定虚拟用户个人Vsftp的配置文件存放路径。也就是说，这个被指定的目录里，将存放每个Vsftp虚拟用户个性的配置文件，一个需要注意的地方就是这些配置文件名必须和虚拟用户名相同。</span><br></pre></td></tr></table></figure></p>
<p>保存退出。</p>
<h5 id="建立Vsftpd的日志文件，并更该属主为Vsftpd的服务宿主用户："><a href="#建立Vsftpd的日志文件，并更该属主为Vsftpd的服务宿主用户：" class="headerlink" title="建立Vsftpd的日志文件，并更该属主为Vsftpd的服务宿主用户："></a>建立Vsftpd的日志文件，并更该属主为Vsftpd的服务宿主用户：</h5><p>[root@KcentOS5 ~]# touch /var/log/vsftpd.log<br>[root@KcentOS5 ~]# chown vsftpd.vsftpd /var/log/vsftpd.log 4.建立虚拟用户配置文件存放路径：<br>[root@KcentOS5 ~]# mkdir /etc/vsftpd/vconf/</p>
<h4 id="制作虚拟用户数据库文件"><a href="#制作虚拟用户数据库文件" class="headerlink" title="制作虚拟用户数据库文件"></a>制作虚拟用户数据库文件</h4><h5 id="先建立虚拟用户名单文件："><a href="#先建立虚拟用户名单文件：" class="headerlink" title="先建立虚拟用户名单文件："></a>先建立虚拟用户名单文件：</h5><p>[root@KcentOS5 ~]# touch /etc/vsftpd/virtusers<br>建立了一个虚拟用户名单文件，这个文件就是来记录vsftpd虚拟用户的用户名和口令的数据文件，我这里给它命名为virtusers。为了避免文件的混乱，我把这个名单文件就放置在/etc/vsftpd/下。</p>
<h5 id="编辑虚拟用户名单文件："><a href="#编辑虚拟用户名单文件：" class="headerlink" title="编辑虚拟用户名单文件："></a>编辑虚拟用户名单文件：</h5><p>[root@KcentOS5 ~]# vi /etc/vsftpd/virtusers<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line">kanecruise</span><br><span class="line">123456</span><br><span class="line">near</span><br><span class="line">123456near</span><br><span class="line">mello</span><br><span class="line">123456mello</span><br></pre></td></tr></table></figure></p>
<p>编辑这个虚拟用户名单文件，在其中加入用户的用户名和口令信息。格式很简单：“一行用户名，一行口令”。</p>
<h5 id="生成虚拟用户数据文件："><a href="#生成虚拟用户数据文件：" class="headerlink" title="生成虚拟用户数据文件："></a>生成虚拟用户数据文件：</h5><p>[root@KcentOS5 ~]# db_load -T -t hash -f /etc/vsftpd/virtusers /etc/vsftpd/virtusers.db</p>
<p>察看db4的db_load命令使用方法：<br><figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line">[root@KSRV2 vsftpd]# db_load</span><br><span class="line">usage: db_load [-nTV] [-c name=value] [-f file]</span><br><span class="line">[-h home] [-P password] [-t btree | hash | recno | queue] db_file</span><br><span class="line">usage: db_load -r lsn | fileid [-h home] [-P password] db_file</span><br></pre></td></tr></table></figure></p>
<h5 id="察看生成的虚拟用户数据文件"><a href="#察看生成的虚拟用户数据文件" class="headerlink" title="察看生成的虚拟用户数据文件"></a>察看生成的虚拟用户数据文件</h5><p>[root@KcentOS5 ~]# ll /etc/vsftpd/virtusers.db<br>-rw-r–r– 1 root root 12288 Sep 16 03:51 /etc/vsftpd/virtusers.db<br>需要特别注意的是，以后再要添加虚拟用户的时候，只需要按照“一行用户名，一行口令”的格式将新用户名和口令添加进虚拟用户名单文件。但是光这样做还不够，不会生效的哦！还要再执行一遍“ db_load -T -t hash -f 虚拟用户名单文件 虚拟用户数据库文件.db ”的命令使其生效才可以！</p>
<h4 id="设定PAM验证文件"><a href="#设定PAM验证文件" class="headerlink" title="设定PAM验证文件"></a>设定PAM验证文件</h4><h5 id="察看原来的Vsftp的PAM验证配置文件："><a href="#察看原来的Vsftp的PAM验证配置文件：" class="headerlink" title="察看原来的Vsftp的PAM验证配置文件："></a>察看原来的Vsftp的PAM验证配置文件：</h5><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br></pre></td><td class="code"><pre><span class="line">[root@KcentOS5 ~]# cat /etc/pam.d/vsftpd</span><br><span class="line">----------------------------------------------------------------</span><br><span class="line">#%PAM-1.0</span><br><span class="line">session    optional     pam_keyinit.so    force revoke</span><br><span class="line">auth       required     pam_listfile.so item=user sense=deny file=/etc/vsftpd/ftpusers onerr=succeed</span><br><span class="line">auth       required     pam_shells.so</span><br><span class="line">auth       include      system-auth</span><br><span class="line">account    include      system-auth</span><br><span class="line">session    include      system-auth</span><br><span class="line">session    required     pam_loginuid.so</span><br><span class="line">----------------------------------------------------------------</span><br></pre></td></tr></table></figure>
<h5 id="在编辑前做好备份："><a href="#在编辑前做好备份：" class="headerlink" title="在编辑前做好备份："></a>在编辑前做好备份：</h5><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line">[root@KcentOS5 ~]# cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd.backup3.编辑Vsftpd的PAM验证配置文件</span><br><span class="line">[root@KcentOS5 ~]# vi /etc/pam.d/vsftpd</span><br><span class="line">----------------------------------------------------------------</span><br><span class="line">#%PAM-1.0</span><br><span class="line">auth    sufficient      /lib/security/pam_userdb.so     db=/etc/vsftpd/virtusers</span><br><span class="line">account sufficient      /lib/security/pam_userdb.so     db=/etc/vsftpd/virtusers</span><br></pre></td></tr></table></figure>
<p>以上两条是手动添加的，内容是对虚拟用户的安全和帐户权限进行验证。<br>这里的auth是指对用户的用户名口令进行验证。<br>这里的accout是指对用户的帐户有哪些权限哪些限制进行验证。<br>其后的sufficient表示充分条件，也就是说，一旦在这里通过了验证，那么也就不用经过下面剩下的验证步骤了。相反，如果没有通过的话，也不会被系统立即挡之门外，因为sufficient的失败不决定整个验证的失败，意味着用户还必须将经历剩下来的验证审核。<br>再后面的/lib/security/pam_userdb.so表示该条审核将调用pam_userdb.so这个库函数进行。<br>最后的db=/etc/vsftpd/virtusers则指定了验证库函数将到这个指定的数据库中调用数据进行验证。</p>
<hr>
<h4 id="虚拟用户的配置"><a href="#虚拟用户的配置" class="headerlink" title="虚拟用户的配置"></a>虚拟用户的配置</h4><h5 id="规划好虚拟用户的主路径："><a href="#规划好虚拟用户的主路径：" class="headerlink" title="规划好虚拟用户的主路径："></a>规划好虚拟用户的主路径：</h5><p>[root@KcentOS5 ~]# mkdir /opt/vsftp/</p>
<h5 id="建立测试用户的FTP用户目录："><a href="#建立测试用户的FTP用户目录：" class="headerlink" title="建立测试用户的FTP用户目录："></a>建立测试用户的FTP用户目录：</h5><p>[root@KcentOS5 ~]# mkdir /opt/vsftp/kanecruise/ /opt/vsftp/mello/ /opt/vsftp/near/</p>
<h5 id="建立虚拟用户配置文件模版：-root-KcentOS5-cp-etc-vsftpd-vsftpd-conf-backup-etc-vsftpd-vconf-vconf-tmp"><a href="#建立虚拟用户配置文件模版：-root-KcentOS5-cp-etc-vsftpd-vsftpd-conf-backup-etc-vsftpd-vconf-vconf-tmp" class="headerlink" title="建立虚拟用户配置文件模版：[root@KcentOS5 ~]# cp /etc/vsftpd/vsftpd.conf.backup /etc/vsftpd/vconf/vconf.tmp"></a>建立虚拟用户配置文件模版：[root@KcentOS5 ~]# cp /etc/vsftpd/vsftpd.conf.backup /etc/vsftpd/vconf/vconf.tmp</h5><h5 id="定制虚拟用户模版配置文件："><a href="#定制虚拟用户模版配置文件：" class="headerlink" title="定制虚拟用户模版配置文件："></a>定制虚拟用户模版配置文件：</h5><p>[root@KcentOS5 ~]# vi /etc/vsftpd/vconf/vconf.tmp<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br></pre></td><td class="code"><pre><span class="line">--------------------------------</span><br><span class="line">local_root=/opt/vsftp/virtuser</span><br><span class="line">指定虚拟用户的具体主路径。</span><br><span class="line">anonymous_enable=NO</span><br><span class="line">设定不允许匿名用户访问。</span><br><span class="line">write_enable=YES</span><br><span class="line">设定允许写操作。</span><br><span class="line">local_umask=022</span><br><span class="line">设定上传文件权限掩码。</span><br><span class="line">anon_upload_enable=NO</span><br><span class="line">设定不允许匿名用户上传。</span><br><span class="line">anon_mkdir_write_enable=NO</span><br><span class="line">设定不允许匿名用户建立目录。</span><br><span class="line">idle_session_timeout=600</span><br><span class="line">设定空闲连接超时时间。</span><br><span class="line">data_connection_timeout=120</span><br><span class="line">设定单次连续传输最大时间。</span><br><span class="line">max_clients=10</span><br><span class="line">设定并发客户端访问个数。</span><br><span class="line">max_per_ip=5</span><br><span class="line">设定单个客户端的最大线程数，这个配置主要来照顾Flashget、迅雷等多线程下载软件。</span><br><span class="line">local_max_rate=50000</span><br><span class="line">设定该用户的最大传输速率，单位b/s。</span><br><span class="line">--------------------------------</span><br></pre></td></tr></table></figure></p>
<p>这里将原vsftpd.conf配置文件经过简化后保存作为虚拟用户配置文件的模版。这里将并不需要指定太多的配置内容，主要的框架和限制交由 Vsftpd的主配置文件vsftpd.conf来定义，即虚拟用户配置文件当中没有提到的配置项目将参考主配置文件中的设定。而在这里作为虚拟用户的配置文件模版只需要留一些和用户流量控制，访问方式控制的配置项目就可以了。这里的关键项是local_root这个配置，用来指定这个虚拟用户的FTP主路径。</p>
<h5 id="更改虚拟用户的主目录的属主为虚拟宿主用户："><a href="#更改虚拟用户的主目录的属主为虚拟宿主用户：" class="headerlink" title="更改虚拟用户的主目录的属主为虚拟宿主用户："></a>更改虚拟用户的主目录的属主为虚拟宿主用户：</h5><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre></td><td class="code"><pre><span class="line">[root@KcentOS5 ~]# chown -R overlord.overlord /opt/vsftp/6.检查权限：</span><br><span class="line">[root@KcentOS5 ~]# ll /opt/vsftp/</span><br><span class="line">total 24</span><br><span class="line">drwxr-xr-x 2 overlord overlord 4096 Sep 16 05:14 kanecruise</span><br><span class="line">drwxr-xr-x 2 overlord overlord 4096 Sep 16 05:00 mello</span><br><span class="line">drwxr-xr-x 2 overlord overlord 4096 Sep 16 05:00 near</span><br></pre></td></tr></table></figure>
<h4 id="给测试用户定制"><a href="#给测试用户定制" class="headerlink" title="给测试用户定制"></a>给测试用户定制</h4><h5 id="从虚拟用户模版配置文件复制："><a href="#从虚拟用户模版配置文件复制：" class="headerlink" title="从虚拟用户模版配置文件复制："></a>从虚拟用户模版配置文件复制：</h5><p>[root@KcentOS5 ~]# cp /etc/vsftpd/vconf/vconf.tmp /etc/vsftpd/vconf/kanecruise</p>
<h5 id="针对具体用户进行定制："><a href="#针对具体用户进行定制：" class="headerlink" title="针对具体用户进行定制："></a>针对具体用户进行定制：</h5><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br></pre></td><td class="code"><pre><span class="line">[root@KcentOS5 ~]# vi /etc/vsftpd/vconf/kanecruise</span><br><span class="line">---------------------------------</span><br><span class="line">local_root=/opt/vsftp/kanecruise</span><br><span class="line">anonymous_enable=NO</span><br><span class="line">write_enable=YES</span><br><span class="line">local_umask=022</span><br><span class="line">anon_upload_enable=NO</span><br><span class="line">anon_mkdir_write_enable=NO</span><br><span class="line">idle_session_timeout=300</span><br><span class="line">data_connection_timeout=90</span><br><span class="line">max_clients=1</span><br><span class="line">max_per_ip=1</span><br><span class="line">local_max_rate=25000</span><br><span class="line">---------------------------------</span><br></pre></td></tr></table></figure>
<h4 id="启动服务"><a href="#启动服务" class="headerlink" title="启动服务"></a>启动服务</h4><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">[root@KcentOS5 ~]# service vsftpd start</span><br><span class="line">Starting vsftpd for vsftpd:                                [ OK ]</span><br></pre></td></tr></table></figure>
<h4 id="测试"><a href="#测试" class="headerlink" title="测试"></a>测试</h4><h5 id="在虚拟用户目录中预先放入文件："><a href="#在虚拟用户目录中预先放入文件：" class="headerlink" title="在虚拟用户目录中预先放入文件："></a>在虚拟用户目录中预先放入文件：</h5><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">[root@KcentOS5 ~]# touch /opt/vsftp/kanecruise/kc.test</span><br></pre></td></tr></table></figure>
<h5 id="从其他机器作为客户端登陆FTP："><a href="#从其他机器作为客户端登陆FTP：" class="headerlink" title="从其他机器作为客户端登陆FTP："></a>从其他机器作为客户端登陆FTP：</h5><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br></pre></td><td class="code"><pre><span class="line">[root@Yum ~]# ftp</span><br><span class="line">ftp&gt; open 192.168.1.22</span><br><span class="line">Connected to 192.168.1.22.</span><br><span class="line">220 This Vsftp server supports virtual users ^_^</span><br><span class="line">530 Please login with USER and PASS.</span><br><span class="line">530 Please login with USER and PASS.</span><br><span class="line">KERBEROS_V4 rejected as an authentication type</span><br><span class="line">Name (192.168.1.22:root): kanecruise</span><br><span class="line">331 Please specify the password.</span><br><span class="line">Password: 123456</span><br><span class="line">230 Login successful.</span><br><span class="line">Remote system type is UNIX.</span><br><span class="line">Using binary mode to transfer files.</span><br></pre></td></tr></table></figure>
<h5 id="测试列单操作"><a href="#测试列单操作" class="headerlink" title="测试列单操作"></a>测试列单操作</h5><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">ftp&gt; ls</span><br><span class="line">227 Entering Passive Mode (192,168,1,22,220,24)</span><br><span class="line">150 Here comes the directory listing.</span><br><span class="line">-rw-r--r--    1 501      501             0 Sep 15 21:14 kc.test</span><br><span class="line">226 Directory send OK.（目录列单成功）</span><br></pre></td></tr></table></figure>
<h5 id="测试上传操作："><a href="#测试上传操作：" class="headerlink" title="测试上传操作："></a>测试上传操作：</h5><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br></pre></td><td class="code"><pre><span class="line">ftp&gt; put</span><br><span class="line">(local-file) KC.repo</span><br><span class="line">(remote-file) KC.repo</span><br><span class="line">local: KC.repo remote: KC.repo</span><br><span class="line">227 Entering Passive Mode (192,168,1,22,230,1)</span><br><span class="line">150 Ok to send data.</span><br><span class="line">226 File receive OK. （上传成功）</span><br><span class="line">699 bytes sent in 0.024 seconds (29 Kbytes/s)</span><br><span class="line">ftp&gt;</span><br></pre></td></tr></table></figure>
<h5 id="测试建立目录操作："><a href="#测试建立目录操作：" class="headerlink" title="测试建立目录操作："></a>测试建立目录操作：</h5><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br></pre></td><td class="code"><pre><span class="line">ftp&gt; mkdir test</span><br><span class="line">257 &quot;/opt/vsftp/kanecruise/test&quot; created （目录建立成功）</span><br></pre></td></tr></table></figure>
<h5 id="测试下载操作："><a href="#测试下载操作：" class="headerlink" title="测试下载操作："></a>测试下载操作：</h5><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">ftp&gt; get kc.test</span><br><span class="line">local: kc.test remote: kc.test</span><br><span class="line">227 Entering Passive Mode (192,168,1,22,164,178)</span><br><span class="line">150 Opening BINARY mode data connection for kc.test (0 bytes).</span><br><span class="line">226 File send OK.（下载成功）</span><br></pre></td></tr></table></figure>
<h5 id="测试超时："><a href="#测试超时：" class="headerlink" title="测试超时："></a>测试超时：</h5><figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br></pre></td><td class="code"><pre><span class="line">ftp&gt; dir</span><br><span class="line">421 Timeout.（超时有效）</span><br><span class="line">ftp&gt; user</span><br><span class="line">Not connected.注意:</span><br><span class="line"></span><br><span class="line">在/etc/vsftpd/vsftpd.conf中，local_enable的选项必须打开为Yes，使得虚拟用户的访问成为可能，否则会出现以下现象：</span><br><span class="line">----------------------------------</span><br><span class="line">[root@KcentOS5 ~]# ftp</span><br><span class="line">ftp&gt; open 192.168.1.22</span><br><span class="line">Connected to 192.168.1.22.</span><br><span class="line">500 OOPS: vsftpd: both local and anonymous access disabled!</span><br><span class="line">----------------------------------</span><br><span class="line">原因：虚拟用户再丰富，其实也是基于它们的宿主用户overlord的，如果overlord这个虚拟用户的宿主被限制住了，那么虚拟用户也将受到限制。</span><br><span class="line">**补充：**</span><br><span class="line"></span><br><span class="line">500 OOPS:错误</span><br><span class="line">有可能是你的vsftpd.con配置文件中有不能被实别的命令，还有一种可能是命令的YES 或 NO 后面有空格。</span><br><span class="line">我遇到的是命令后面有空格。因为我是用GEDIT来编辑的配置文件</span><br><span class="line">550 权限错误,不能创建目录和文件</span><br><span class="line">**解决方法: 关闭selinux**</span><br><span class="line"># vi /etc/selinux/config</span><br><span class="line">将 SELINUX=XXX --&gt;XXX 代表级别,改为SELINUX=disabled</span><br><span class="line">重启</span><br></pre></td></tr></table></figure>

      
    </div>
    
    
    

    

    
      <div>
        <div style="padding: 10px 0; margin: 20px auto; width: 90%; text-align: center;">
  <div></div>
  <button id="rewardButton" disable="enable" onclick="var qr = document.getElementById('QR'); if (qr.style.display === 'none') {qr.style.display='block';} else {qr.style.display='none'}">
    <span>打赏</span>
  </button>
  <div id="QR" style="display: none;">

    
      <div id="wechat" style="display: inline-block">
        <img id="wechat_qr" src="/wechatpay.jpg" alt="已经被时间上锁 微信支付"/>
        <p>微信支付</p>
      </div>
    

    
      <div id="alipay" style="display: inline-block">
        <img id="alipay_qr" src="/alipay.jpg" alt="已经被时间上锁 支付宝"/>
        <p>支付宝</p>
      </div>
    

    

  </div>
</div>

      </div>
    

    

    <footer class="post-footer">
      
        <div class="post-tags">
          
            <a href="/tags/vsftp/" rel="tag"><i class="fa fa-tag"></i> vsftp</a>
          
        </div>
      

      
      
      

      
        <div class="post-nav">
          <div class="post-nav-next post-nav-item">
            
              <a href="/2018/08/27/Linux分区方案与过程/" rel="next" title="Linux分区方案">
                <i class="fa fa-chevron-left"></i> Linux分区方案
              </a>
            
          </div>

          <span class="post-nav-divider"></span>

          <div class="post-nav-prev post-nav-item">
            
              <a href="/2019/05/25/Zabbix+ElasticSearch+Kibana 实践/" rel="prev" title="Zabbix + ElasticSearch + Kibana 实践">
                Zabbix + ElasticSearch + Kibana 实践 <i class="fa fa-chevron-right"></i>
              </a>
            
          </div>
        </div>
      

      
      
    </footer>
  </div>
  
  
  
  </article>



    <div class="post-spread">
      
    </div>
  </div>


          </div>
          


          

  
    <div class="comments" id="comments">
    </div>
  



        </div>
        
          
  
  <div class="sidebar-toggle">
    <div class="sidebar-toggle-line-wrap">
      <span class="sidebar-toggle-line sidebar-toggle-line-first"></span>
      <span class="sidebar-toggle-line sidebar-toggle-line-middle"></span>
      <span class="sidebar-toggle-line sidebar-toggle-line-last"></span>
    </div>
  </div>

  <aside id="sidebar" class="sidebar">
    
    <div class="sidebar-inner">

      

      
        <ul class="sidebar-nav motion-element">
          <li class="sidebar-nav-toc sidebar-nav-active" data-target="post-toc-wrap">
            文章目录
          </li>
          <li class="sidebar-nav-overview" data-target="site-overview-wrap">
            站点概览
          </li>
        </ul>
      

      <section class="site-overview-wrap sidebar-panel">
        <div class="site-overview">
          <div class="site-author motion-element" itemprop="author" itemscope itemtype="http://schema.org/Person">
            
              <img class="site-author-image" itemprop="image"
                src="/images/avatar.png"
                alt="已经被时间上锁" />
            
              <p class="site-author-name" itemprop="name">已经被时间上锁</p>
              <p class="site-description motion-element" itemprop="description">只剩挥散不去的难过</p>
          </div>

          <nav class="site-state motion-element">

            
              <div class="site-state-item site-state-posts">
              
                <a href="/archives/">
              
                  <span class="site-state-item-count">9</span>
                  <span class="site-state-item-name">日志</span>
                </a>
              </div>
            

            
              
              
              <div class="site-state-item site-state-categories">
                <a href="/categories/index.html">
                  <span class="site-state-item-count">6</span>
                  <span class="site-state-item-name">分类</span>
                </a>
              </div>
            

            
              
              
              <div class="site-state-item site-state-tags">
                <a href="/tags/index.html">
                  <span class="site-state-item-count">9</span>
                  <span class="site-state-item-name">标签</span>
                </a>
              </div>
            

          </nav>

          

          <div class="links-of-author motion-element">
            
              
                <span class="links-of-author-item">
                  <a href="http://i2.bvimg.com/624619/509703ad18473233.jpg" target="_blank" title="Wechat">
                    
                      <i class="fa fa-fw fa-wechat"></i>Wechat</a>
                </span>
              
                <span class="links-of-author-item">
                  <a href="https://github.com/waney316" target="_blank" title="GitHub">
                    
                      <i class="fa fa-fw fa-github"></i>GitHub</a>
                </span>
              
                <span class="links-of-author-item">
                  <a href="mailto:waney316@foxmail.com" target="_blank" title="E-Mail">
                    
                      <i class="fa fa-fw fa-envelope"></i>E-Mail</a>
                </span>
              
                <span class="links-of-author-item">
                  <a href="https://weibo.com/3020883227" target="_blank" title="Weibo">
                    
                      <i class="fa fa-fw fa-weibo"></i>Weibo</a>
                </span>
              
            
          </div>

          
          

          
          
            <div class="links-of-blogroll motion-element links-of-blogroll-inline">
              <div class="links-of-blogroll-title">
                <i class="fa  fa-fw fa-link"></i>
                友情链接
              </div>
              <ul class="links-of-blogroll-list">
                
                  <li class="links-of-blogroll-item">
                    <a href="http://bbs.csdn.net/home" title="CSDN" target="_blank">CSDN</a>
                  </li>
                
                  <li class="links-of-blogroll-item">
                    <a href="http://man.linuxde.net/" title="Linux命令" target="_blank">Linux命令</a>
                  </li>
                
                  <li class="links-of-blogroll-item">
                    <a href="http://www.runoob.com/" title="菜鸟教程" target="_blank">菜鸟教程</a>
                  </li>
                
              </ul>
            </div>
          
          <br>

          

        </div>
      </section>

      
      <!--noindex-->
        <section class="post-toc-wrap motion-element sidebar-panel sidebar-panel-active">
          <div class="post-toc">

            
              
            

            
              <div class="post-toc-content"><ol class="nav"><li class="nav-item nav-level-4"><a class="nav-link" href="#安装"><span class="nav-number">1.</span> <span class="nav-text">安装</span></a><ol class="nav-child"><li class="nav-item nav-level-5"><a class="nav-link" href="#安装Vsftpd服务相关部件："><span class="nav-number">1.1.</span> <span class="nav-text">安装Vsftpd服务相关部件：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#确认安装PAM服务相关部件："><span class="nav-number">1.2.</span> <span class="nav-text">确认安装PAM服务相关部件：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#1安装DB4部件包："><span class="nav-number">1.3.</span> <span class="nav-text">1安装DB4部件包：</span></a></li></ol></li><li class="nav-item nav-level-4"><a class="nav-link" href="#系统帐户"><span class="nav-number">2.</span> <span class="nav-text">系统帐户</span></a><ol class="nav-child"><li class="nav-item nav-level-5"><a class="nav-link" href="#建立Vsftpd服务的宿主用户："><span class="nav-number">2.1.</span> <span class="nav-text">建立Vsftpd服务的宿主用户：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#建立Vsftpd虚拟宿主用户："><span class="nav-number">2.2.</span> <span class="nav-text">建立Vsftpd虚拟宿主用户：</span></a></li></ol></li><li class="nav-item nav-level-4"><a class="nav-link" href="#调整Vsftpd的配置文件："><span class="nav-number">3.</span> <span class="nav-text">调整Vsftpd的配置文件：</span></a><ol class="nav-child"><li class="nav-item nav-level-5"><a class="nav-link" href="#编辑配置文件前先备份"><span class="nav-number">3.1.</span> <span class="nav-text">编辑配置文件前先备份</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#建立Vsftpd的日志文件，并更该属主为Vsftpd的服务宿主用户："><span class="nav-number">3.2.</span> <span class="nav-text">建立Vsftpd的日志文件，并更该属主为Vsftpd的服务宿主用户：</span></a></li></ol></li><li class="nav-item nav-level-4"><a class="nav-link" href="#制作虚拟用户数据库文件"><span class="nav-number">4.</span> <span class="nav-text">制作虚拟用户数据库文件</span></a><ol class="nav-child"><li class="nav-item nav-level-5"><a class="nav-link" href="#先建立虚拟用户名单文件："><span class="nav-number">4.1.</span> <span class="nav-text">先建立虚拟用户名单文件：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#编辑虚拟用户名单文件："><span class="nav-number">4.2.</span> <span class="nav-text">编辑虚拟用户名单文件：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#生成虚拟用户数据文件："><span class="nav-number">4.3.</span> <span class="nav-text">生成虚拟用户数据文件：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#察看生成的虚拟用户数据文件"><span class="nav-number">4.4.</span> <span class="nav-text">察看生成的虚拟用户数据文件</span></a></li></ol></li><li class="nav-item nav-level-4"><a class="nav-link" href="#设定PAM验证文件"><span class="nav-number">5.</span> <span class="nav-text">设定PAM验证文件</span></a><ol class="nav-child"><li class="nav-item nav-level-5"><a class="nav-link" href="#察看原来的Vsftp的PAM验证配置文件："><span class="nav-number">5.1.</span> <span class="nav-text">察看原来的Vsftp的PAM验证配置文件：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#在编辑前做好备份："><span class="nav-number">5.2.</span> <span class="nav-text">在编辑前做好备份：</span></a></li></ol></li><li class="nav-item nav-level-4"><a class="nav-link" href="#虚拟用户的配置"><span class="nav-number">6.</span> <span class="nav-text">虚拟用户的配置</span></a><ol class="nav-child"><li class="nav-item nav-level-5"><a class="nav-link" href="#规划好虚拟用户的主路径："><span class="nav-number">6.1.</span> <span class="nav-text">规划好虚拟用户的主路径：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#建立测试用户的FTP用户目录："><span class="nav-number">6.2.</span> <span class="nav-text">建立测试用户的FTP用户目录：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#建立虚拟用户配置文件模版：-root-KcentOS5-cp-etc-vsftpd-vsftpd-conf-backup-etc-vsftpd-vconf-vconf-tmp"><span class="nav-number">6.3.</span> <span class="nav-text">建立虚拟用户配置文件模版：[root@KcentOS5 ~]# cp /etc/vsftpd/vsftpd.conf.backup /etc/vsftpd/vconf/vconf.tmp</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#定制虚拟用户模版配置文件："><span class="nav-number">6.4.</span> <span class="nav-text">定制虚拟用户模版配置文件：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#更改虚拟用户的主目录的属主为虚拟宿主用户："><span class="nav-number">6.5.</span> <span class="nav-text">更改虚拟用户的主目录的属主为虚拟宿主用户：</span></a></li></ol></li><li class="nav-item nav-level-4"><a class="nav-link" href="#给测试用户定制"><span class="nav-number">7.</span> <span class="nav-text">给测试用户定制</span></a><ol class="nav-child"><li class="nav-item nav-level-5"><a class="nav-link" href="#从虚拟用户模版配置文件复制："><span class="nav-number">7.1.</span> <span class="nav-text">从虚拟用户模版配置文件复制：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#针对具体用户进行定制："><span class="nav-number">7.2.</span> <span class="nav-text">针对具体用户进行定制：</span></a></li></ol></li><li class="nav-item nav-level-4"><a class="nav-link" href="#启动服务"><span class="nav-number">8.</span> <span class="nav-text">启动服务</span></a></li><li class="nav-item nav-level-4"><a class="nav-link" href="#测试"><span class="nav-number">9.</span> <span class="nav-text">测试</span></a><ol class="nav-child"><li class="nav-item nav-level-5"><a class="nav-link" href="#在虚拟用户目录中预先放入文件："><span class="nav-number">9.1.</span> <span class="nav-text">在虚拟用户目录中预先放入文件：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#从其他机器作为客户端登陆FTP："><span class="nav-number">9.2.</span> <span class="nav-text">从其他机器作为客户端登陆FTP：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#测试列单操作"><span class="nav-number">9.3.</span> <span class="nav-text">测试列单操作</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#测试上传操作："><span class="nav-number">9.4.</span> <span class="nav-text">测试上传操作：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#测试建立目录操作："><span class="nav-number">9.5.</span> <span class="nav-text">测试建立目录操作：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#测试下载操作："><span class="nav-number">9.6.</span> <span class="nav-text">测试下载操作：</span></a></li><li class="nav-item nav-level-5"><a class="nav-link" href="#测试超时："><span class="nav-number">9.7.</span> <span class="nav-text">测试超时：</span></a></li></ol></li></ol></div>
            

          </div>
        </section>
      <!--/noindex-->
      

      
        <div class="back-to-top">
          <i class="fa fa-arrow-up"></i>
          
            <span id="scrollpercent"><span>0</span>%</span>
          
        </div>
      

    </div>
  </aside>


        
      </div>
    </main>

    <footer id="footer" class="footer">
      <div class="footer-inner">
        <script async src="https://dn-lbstatics.qbox.me/busuanzi/2.3/busuanzi.pure.mini.js"></script>
<div class="copyright">&copy; 2018 &mdash; <span itemprop="copyrightYear">2019</span>
  <span class="with-love">
    <i class="fa fa-user"></i>
  </span>
  <span class="author" itemprop="copyrightHolder">已经被时间上锁</span>

  
</div>

<div class="powered-by" style="color:white">
<i class="fa fa-user-md"></i><span id="busuanzi_container_site_uv">
  感谢您的来访<span>&nbsp|&nbsp Hosted by <a href="https://pages.coding.me" style="color:white;font-weight: bold ">Coding Pages</a>
</span>
</div>


        







        
      </div>
    </footer>

    

    

  </div>

  

<script type="text/javascript">
  if (Object.prototype.toString.call(window.Promise) !== '[object Function]') {
    window.Promise = null;
  }
</script>









  












  
  
    <script type="text/javascript" src="/lib/jquery/index.js?v=2.1.3"></script>
  

  
  
    <script type="text/javascript" src="/lib/fastclick/lib/fastclick.min.js?v=1.0.6"></script>
  

  
  
    <script type="text/javascript" src="/lib/jquery_lazyload/jquery.lazyload.js?v=1.9.7"></script>
  

  
  
    <script type="text/javascript" src="/lib/velocity/velocity.min.js?v=1.2.1"></script>
  

  
  
    <script type="text/javascript" src="/lib/velocity/velocity.ui.min.js?v=1.2.1"></script>
  

  
  
    <script type="text/javascript" src="/lib/fancybox/source/jquery.fancybox.pack.js?v=2.1.5"></script>
  


  


  <script type="text/javascript" src="/js/src/utils.js?v=5.1.3"></script>

  <script type="text/javascript" src="/js/src/motion.js?v=5.1.3"></script>



  
  


  <script type="text/javascript" src="/js/src/affix.js?v=5.1.3"></script>

  <script type="text/javascript" src="/js/src/schemes/pisces.js?v=5.1.3"></script>



  
  <script type="text/javascript" src="/js/src/scrollspy.js?v=5.1.3"></script>
<script type="text/javascript" src="/js/src/post-details.js?v=5.1.3"></script>



  


  <script type="text/javascript" src="/js/src/bootstrap.js?v=5.1.3"></script>



  


  




	





  





  










  <script src="//cdn1.lncld.net/static/js/3.0.4/av-min.js"></script>
  <script src="//unpkg.com/valine/dist/Valine.min.js"></script>
  
  <script type="text/javascript">
    var GUEST = ['nick','mail','link'];
    var guest = 'nick,mail,link';
    guest = guest.split(',').filter(item=>{
      return GUEST.indexOf(item)>-1;
    });
    new Valine({
        el: '#comments' ,
        verify: false,
        notify: true,
        appId: 'HOjFznvmjBUW3uPdcns45OAT-gzGzoHsz',
        appKey: 'h0giMg2il1nwP5N0bGivit14',
        placeholder: 'Just go go',
        avatar:'mm',
        guest_info:guest,
        pageSize:'10' || 10,
    });
  </script>



  

  <script type="text/javascript">
    // Popup Window;
    var isfetched = false;
    var isXml = true;
    // Search DB path;
    var search_path = "search.xml";
    if (search_path.length === 0) {
      search_path = "search.xml";
    } else if (/json$/i.test(search_path)) {
      isXml = false;
    }
    var path = "/" + search_path;
    // monitor main search box;

    var onPopupClose = function (e) {
      $('.popup').hide();
      $('#local-search-input').val('');
      $('.search-result-list').remove();
      $('#no-result').remove();
      $(".local-search-pop-overlay").remove();
      $('body').css('overflow', '');
    }

    function proceedsearch() {
      $("body")
        .append('<div class="search-popup-overlay local-search-pop-overlay"></div>')
        .css('overflow', 'hidden');
      $('.search-popup-overlay').click(onPopupClose);
      $('.popup').toggle();
      var $localSearchInput = $('#local-search-input');
      $localSearchInput.attr("autocapitalize", "none");
      $localSearchInput.attr("autocorrect", "off");
      $localSearchInput.focus();
    }

    // search function;
    var searchFunc = function(path, search_id, content_id) {
      'use strict';

      // start loading animation
      $("body")
        .append('<div class="search-popup-overlay local-search-pop-overlay">' +
          '<div id="search-loading-icon">' +
          '<i class="fa fa-spinner fa-pulse fa-5x fa-fw"></i>' +
          '</div>' +
          '</div>')
        .css('overflow', 'hidden');
      $("#search-loading-icon").css('margin', '20% auto 0 auto').css('text-align', 'center');

      $.ajax({
        url: path,
        dataType: isXml ? "xml" : "json",
        async: true,
        success: function(res) {
          // get the contents from search data
          isfetched = true;
          $('.popup').detach().appendTo('.header-inner');
          var datas = isXml ? $("entry", res).map(function() {
            return {
              title: $("title", this).text(),
              content: $("content",this).text(),
              url: $("url" , this).text()
            };
          }).get() : res;
          var input = document.getElementById(search_id);
          var resultContent = document.getElementById(content_id);
          var inputEventFunction = function() {
            var searchText = input.value.trim().toLowerCase();
            var keywords = searchText.split(/[\s\-]+/);
            if (keywords.length > 1) {
              keywords.push(searchText);
            }
            var resultItems = [];
            if (searchText.length > 0) {
              // perform local searching
              datas.forEach(function(data) {
                var isMatch = false;
                var hitCount = 0;
                var searchTextCount = 0;
                var title = data.title.trim();
                var titleInLowerCase = title.toLowerCase();
                var content = data.content.trim().replace(/<[^>]+>/g,"");
                var contentInLowerCase = content.toLowerCase();
                var articleUrl = decodeURIComponent(data.url);
                var indexOfTitle = [];
                var indexOfContent = [];
                // only match articles with not empty titles
                if(title != '') {
                  keywords.forEach(function(keyword) {
                    function getIndexByWord(word, text, caseSensitive) {
                      var wordLen = word.length;
                      if (wordLen === 0) {
                        return [];
                      }
                      var startPosition = 0, position = [], index = [];
                      if (!caseSensitive) {
                        text = text.toLowerCase();
                        word = word.toLowerCase();
                      }
                      while ((position = text.indexOf(word, startPosition)) > -1) {
                        index.push({position: position, word: word});
                        startPosition = position + wordLen;
                      }
                      return index;
                    }

                    indexOfTitle = indexOfTitle.concat(getIndexByWord(keyword, titleInLowerCase, false));
                    indexOfContent = indexOfContent.concat(getIndexByWord(keyword, contentInLowerCase, false));
                  });
                  if (indexOfTitle.length > 0 || indexOfContent.length > 0) {
                    isMatch = true;
                    hitCount = indexOfTitle.length + indexOfContent.length;
                  }
                }

                // show search results

                if (isMatch) {
                  // sort index by position of keyword

                  [indexOfTitle, indexOfContent].forEach(function (index) {
                    index.sort(function (itemLeft, itemRight) {
                      if (itemRight.position !== itemLeft.position) {
                        return itemRight.position - itemLeft.position;
                      } else {
                        return itemLeft.word.length - itemRight.word.length;
                      }
                    });
                  });

                  // merge hits into slices

                  function mergeIntoSlice(text, start, end, index) {
                    var item = index[index.length - 1];
                    var position = item.position;
                    var word = item.word;
                    var hits = [];
                    var searchTextCountInSlice = 0;
                    while (position + word.length <= end && index.length != 0) {
                      if (word === searchText) {
                        searchTextCountInSlice++;
                      }
                      hits.push({position: position, length: word.length});
                      var wordEnd = position + word.length;

                      // move to next position of hit

                      index.pop();
                      while (index.length != 0) {
                        item = index[index.length - 1];
                        position = item.position;
                        word = item.word;
                        if (wordEnd > position) {
                          index.pop();
                        } else {
                          break;
                        }
                      }
                    }
                    searchTextCount += searchTextCountInSlice;
                    return {
                      hits: hits,
                      start: start,
                      end: end,
                      searchTextCount: searchTextCountInSlice
                    };
                  }

                  var slicesOfTitle = [];
                  if (indexOfTitle.length != 0) {
                    slicesOfTitle.push(mergeIntoSlice(title, 0, title.length, indexOfTitle));
                  }

                  var slicesOfContent = [];
                  while (indexOfContent.length != 0) {
                    var item = indexOfContent[indexOfContent.length - 1];
                    var position = item.position;
                    var word = item.word;
                    // cut out 100 characters
                    var start = position - 20;
                    var end = position + 80;
                    if(start < 0){
                      start = 0;
                    }
                    if (end < position + word.length) {
                      end = position + word.length;
                    }
                    if(end > content.length){
                      end = content.length;
                    }
                    slicesOfContent.push(mergeIntoSlice(content, start, end, indexOfContent));
                  }

                  // sort slices in content by search text's count and hits' count

                  slicesOfContent.sort(function (sliceLeft, sliceRight) {
                    if (sliceLeft.searchTextCount !== sliceRight.searchTextCount) {
                      return sliceRight.searchTextCount - sliceLeft.searchTextCount;
                    } else if (sliceLeft.hits.length !== sliceRight.hits.length) {
                      return sliceRight.hits.length - sliceLeft.hits.length;
                    } else {
                      return sliceLeft.start - sliceRight.start;
                    }
                  });

                  // select top N slices in content

                  var upperBound = parseInt('1');
                  if (upperBound >= 0) {
                    slicesOfContent = slicesOfContent.slice(0, upperBound);
                  }

                  // highlight title and content

                  function highlightKeyword(text, slice) {
                    var result = '';
                    var prevEnd = slice.start;
                    slice.hits.forEach(function (hit) {
                      result += text.substring(prevEnd, hit.position);
                      var end = hit.position + hit.length;
                      result += '<b class="search-keyword">' + text.substring(hit.position, end) + '</b>';
                      prevEnd = end;
                    });
                    result += text.substring(prevEnd, slice.end);
                    return result;
                  }

                  var resultItem = '';

                  if (slicesOfTitle.length != 0) {
                    resultItem += "<li><a href='" + articleUrl + "' class='search-result-title'>" + highlightKeyword(title, slicesOfTitle[0]) + "</a>";
                  } else {
                    resultItem += "<li><a href='" + articleUrl + "' class='search-result-title'>" + title + "</a>";
                  }

                  slicesOfContent.forEach(function (slice) {
                    resultItem += "<a href='" + articleUrl + "'>" +
                      "<p class=\"search-result\">" + highlightKeyword(content, slice) +
                      "...</p>" + "</a>";
                  });

                  resultItem += "</li>";
                  resultItems.push({
                    item: resultItem,
                    searchTextCount: searchTextCount,
                    hitCount: hitCount,
                    id: resultItems.length
                  });
                }
              })
            };
            if (keywords.length === 1 && keywords[0] === "") {
              resultContent.innerHTML = '<div id="no-result"><i class="fa fa-search fa-5x" /></div>'
            } else if (resultItems.length === 0) {
              resultContent.innerHTML = '<div id="no-result"><i class="fa fa-frown-o fa-5x" /></div>'
            } else {
              resultItems.sort(function (resultLeft, resultRight) {
                if (resultLeft.searchTextCount !== resultRight.searchTextCount) {
                  return resultRight.searchTextCount - resultLeft.searchTextCount;
                } else if (resultLeft.hitCount !== resultRight.hitCount) {
                  return resultRight.hitCount - resultLeft.hitCount;
                } else {
                  return resultRight.id - resultLeft.id;
                }
              });
              var searchResultList = '<ul class=\"search-result-list\">';
              resultItems.forEach(function (result) {
                searchResultList += result.item;
              })
              searchResultList += "</ul>";
              resultContent.innerHTML = searchResultList;
            }
          }

          if ('auto' === 'auto') {
            input.addEventListener('input', inputEventFunction);
          } else {
            $('.search-icon').click(inputEventFunction);
            input.addEventListener('keypress', function (event) {
              if (event.keyCode === 13) {
                inputEventFunction();
              }
            });
          }

          // remove loading animation
          $(".local-search-pop-overlay").remove();
          $('body').css('overflow', '');

          proceedsearch();
        }
      });
    }

    // handle and trigger popup window;
    $('.popup-trigger').click(function(e) {
      e.stopPropagation();
      if (isfetched === false) {
        searchFunc(path, 'local-search-input', 'local-search-result');
      } else {
        proceedsearch();
      };
    });

    $('.popup-btn-close').click(onPopupClose);
    $('.popup').click(function(e){
      e.stopPropagation();
    });
    $(document).on('keyup', function (event) {
      var shouldDismissSearchPopup = event.which === 27 &&
        $('.search-popup').is(':visible');
      if (shouldDismissSearchPopup) {
        onPopupClose();
      }
    });
  </script>





  

  

  

  
  

  

  

  



</body>
</html>
<script type="text/javascript" src="/js/src/love.js"></script>
